Hacking
If you are looking for a low budget, small form-factor remotely accessible hacking tool, then the concepts in this book are ideal for you. If you are a penetration tester who wants to save on travel costs by placing a low-cost node on a target network, you will save thousands by using the methods covered in this book. You do not have to be a skilled hacker or programmer to use this book. It will be beneficial to have some networking experience; however, it is not required to follow the concepts covered in this book.
Keith M.
An easy-to-understand, step-by-step practical guide that shows you how to use the Linux Bash terminal tools to solve information security problems. If you are a penetration tester, system administrator, or developer who would like an enriching and practical introduction to the Bash shell and Kali Linux command-line-based tools, this is the book for you.
Pentesting APIs. A practical guide to discovering, fingerprinting, and exploiting APIs
Maurício Harley
Understanding API security is crucial as APIs form the backbone of modern interconnected applications, making them prime targets for cyberattacks. Drawing on nearly 30 years of cybersecurity experience and an extensive background in network security and forensic analysis, this book provides the knowledge and tools to strengthen your API security practices and protect against cyber threats comprehensively.This book begins by establishing a foundational understanding of APIs, particularly focusing on REST and GraphQL, emphasizing their critical role and potential security vulnerabilities. It guides you through setting up a penetration testing environment to ensure the practical application of concepts. You’ll learn reconnaissance techniques, information-gathering strategies, and the discovery of API vulnerabilities. Authentication and authorization testing are thoroughly explored, covering mechanisms, weaknesses, and methods to bypass security controls. By comprehensively addressing these aspects, the book equips you to understand, identify, and mitigate risks, strengthening API security and effectively minimizing potential attack surfaces.By the end of this book, you’ll have developed practical skills to identify, exploit, and secure APIs against various vulnerabilities and attacks.
Paul Smith
The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products.This is a unique pentesting book, which takes a different approach by helping you gain hands-on experience with equipment that you’ll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment.You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open-source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network.By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks.
Paul Smith
The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products.This is a unique pentesting book, which takes a different approach by helping you gain hands-on experience with equipment that you’ll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment.You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open-source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network.By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks.
Performance Testing with JMeter 3. Enhance the performance of your web application - Third Edition
Bayo Erinle
JMeter is a Java application designed to load and test performance for web application. JMeter extends to improve the functioning of various other static and dynamic resources. This book is a great starting point to learn about JMeter. It covers the new features introduced with JMeter 3 and enables you to dive deep into the new techniques needed for measuring your website performance.The book starts with the basics of performance testing and guides you through recording your first test scenario, before diving deeper into JMeter. You will also learn how to configure JMeter and browsers to help record test plans.Moving on, you will learn how to capture form submission in JMeter, dive into managing sessions with JMeter and see how to leverage some of the components provided by JMeter to handle web application HTTP sessions. You will also learn how JMeter can help monitor tests in real-time.Further, you will go in depth into distributed testing and see how to leverage the capabilities of JMeter to accomplish this. You will get acquainted with some tips and best practices with regard to performance testing. By the end of the book, you will have learned how to take full advantage of the real power behind Apache JMeter.
Performance Testing with JMeter 3. Enhance the performance of your web application - Third Edition
Bayo Erinle
JMeter is a Java application designed to load and test performance for web application. JMeter extends to improve the functioning of various other static and dynamic resources. This book is a great starting point to learn about JMeter. It covers the new features introduced with JMeter 3 and enables you to dive deep into the new techniques needed for measuring your website performance.The book starts with the basics of performance testing and guides you through recording your first test scenario, before diving deeper into JMeter. You will also learn how to configure JMeter and browsers to help record test plans.Moving on, you will learn how to capture form submission in JMeter, dive into managing sessions with JMeter and see how to leverage some of the components provided by JMeter to handle web application HTTP sessions. You will also learn how JMeter can help monitor tests in real-time.Further, you will go in depth into distributed testing and see how to leverage the capabilities of JMeter to accomplish this. You will get acquainted with some tips and best practices with regard to performance testing. By the end of the book, you will have learned how to take full advantage of the real power behind Apache JMeter.
pfSense 2.x Cookbook. Manage and maintain your network using pfSense - Second Edition
David Zientara
pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for ?exible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings. pfSense 2.x Cookbook – Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom ?oating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages.
PHP, MySQL i JavaScript. Wprowadzenie. Wydanie V
Robin Nixon
Trio: PHP, MySQL i JavaScript jest znane jako najwygodniejszy zestaw narzędzi do tworzenia dynamicznych stron internetowych, które do działania wymagają bazy danych. Mimo upływu lat i dynamicznego rozwoju konkurencyjnych technologii twórcy aplikacji WWW wciąż cenią PHP, MySQL i JavaScript za otwarte źródła, brak opłat za korzystanie, elastyczność i łatwość w nauce. Każdy ambitny programista posługujący się systemem Unix czy Linux z serwerem Apache powinien zapoznać się z tymi narzędziami. W połączeniu z takimi technologiami jak jQuery, CSS i HTML5 pozwalają budować serwisy porównywalne z gigantami w rodzaju Facebooka, Twittera czy Gmaila. Ta książka jest kolejnym, uzupełnionym i zaktualizowanym wydaniem znakomitego wprowadzenia do projektowania dynamicznych stron internetowych. Oprócz przystępnego omówienia technik tworzenia responsywnych stron WWW znalazły się tu solidne podstawy PHP, MySQL, JavaScriptu, CSS i HTML5; opisano też możliwości bibliotek jQuery i jQuery Mobile. Pokazano, jak połączyć możliwości tych technologii, oraz opisano zalecane metody programowania. Co istotne, w książce zawarto wskazówki dotyczące optymalizacji stron WWW pod kątem urządzeń mobilnych. Dzięki licznym przykładom uzyskaną wiedzę można na bieżąco testować w praktyce. W tej książce między innymi: baza danych i zapytania MySQL podstawy tworzenia dynamicznych stron PHP mechanizm sesji i zachowanie zasad bezpieczeństwa biblioteki jQuery i jQuery Mobile oraz żądania Ajax CSS2 i CSS3 oraz nowe funkcje HTML5: geolokacja, obsługa dźwięku i filmów, canvas PHP, MySQL i JavaScript: klasyczne narzędzia dla nowoczesnych rozwiązań!
Phara McLachlan
This book is a detailed IT Asset Management (ITAM) guidebook with real-world templates that can be converted into working ITAM documents. It is a step-by-step IT Asset Management manual for the newbies as well as the seasoned ITAM veterans, providing a unique insight into asset management. It discusses how risk management has changed over time and the possible solutions needed to address the new normal. This book is your perfect guide to create holistic IT Asset Management and Software Asset Management programs that close the risk gaps, increases productivity and results in cost efficiencies. It allows the IT Asset Managers, Software Asset Managers, and/or the full ITAM program team to take a deep dive by using the templates offered in the guidebook. You will be aware of the specific roles and responsibilities for every aspect of IT Asset Management, Software Asset Management, and Software License Compliance Audit Response. By the end of this book, you will be well aware of what IT and Software Asset Management is all about and the different steps, processes, and roles required to truly master it.
Podstawy kryptografii. Wydanie III
Marcin Karbowski
Przekonaj się, jak fascynująca jest kryptografia! Poznaj historię rozwoju kryptografii Opanuj jej matematyczne podstawy Rozpracuj najważniejsze algorytmy kryptograficzne Dowiedz się, jak zastosować je w praktyce Kryptografia to dziedzina nauki, której sedno stanowią sposoby bezpiecznego przekazywania informacji. Jest ona niemal tak stara, jak nasza cywilizacja, a dziś rozwija się w sposób niezwykle dynamiczny. Gdy tylko narodziły się pierwsze metody zapisu i komunikowania się, pojawiła się też konieczność zabezpieczenia informacji przed tymi, którzy mogliby wykorzystać je na niekorzyść osób dysponujących tymi informacjami. Od bezpieczeństwa ważnych informacji zależały często losy całych państw i narodów. O rozstrzygnięciach wielkich bitew nierzadko decydowały inteligencja i determinacja pojedynczych osób, które potrafiły odpowiednio skutecznie szyfrować (bądź też deszyfrować) nadawane (lub przechwytywane) komunikaty. O tej fascynującej dziedzinie wiedzy opowiada książka Podstawy kryptografii. Wydanie III. Wprowadza ona czytelnika w podstawowe zagadnienia kryptografii bez przygniatania nadmiarem teorii i skomplikowaną matematyką. Kusi za to barwnymi opisami i pasjonującymi przykładami "kryptograficznych wojen". Można dzięki niej poznać historię rozwoju technik szyfrowania informacji, matematyczne podstawy kryptografii, stojącą za nią teorię oraz praktyczne zastosowania tej nauki. Niezależnie od tego, czy chcesz poznać kryptografię na własny użytek, czy jest Ci to potrzebne w celach zawodowych, książka ta okaże się doskonałym przewodnikiem po świecie szyfrów, kluczy i algorytmów zabezpieczających dane. Znajdziesz w niej informacje na temat protokołów SSL i SSH, a także szczegółowy opis algorytmu SHA3. Przegląd klasycznych sposobów szyfrowania Matematyczne podstawy kryptografii Praktyczne zastosowanie mechanizmów matematycznych Teoria kryptoanalizy i informacji oraz jej praktyczne wykorzystanie Przegląd protokołów kryptograficznych Klucze publiczne i prywatne Zasady zabezpieczania danych, połączeń i systemów komputerowych Potwierdzanie tożsamości za pomocą podpisów elektronicznych Zabezpieczanie stron internetowych i szyfrowanie baz danych Naucz się chronić cenne dane!
Podstawy kryptografii. Wydanie III
Marcin Karbowski
Przekonaj się, jak fascynująca jest kryptografia! Poznaj historię rozwoju kryptografii Opanuj jej matematyczne podstawy Rozpracuj najważniejsze algorytmy kryptograficzne Dowiedz się, jak zastosować je w praktyce Kryptografia to dziedzina nauki, której sedno stanowią sposoby bezpiecznego przekazywania informacji. Jest ona niemal tak stara, jak nasza cywilizacja, a dziś rozwija się w sposób niezwykle dynamiczny. Gdy tylko narodziły się pierwsze metody zapisu i komunikowania się, pojawiła się też konieczność zabezpieczenia informacji przed tymi, którzy mogliby wykorzystać je na niekorzyść osób dysponujących tymi informacjami. Od bezpieczeństwa ważnych informacji zależały często losy całych państw i narodów. O rozstrzygnięciach wielkich bitew nierzadko decydowały inteligencja i determinacja pojedynczych osób, które potrafiły odpowiednio skutecznie szyfrować (bądź też deszyfrować) nadawane (lub przechwytywane) komunikaty. O tej fascynującej dziedzinie wiedzy opowiada książka Podstawy kryptografii. Wydanie III. Wprowadza ona czytelnika w podstawowe zagadnienia kryptografii bez przygniatania nadmiarem teorii i skomplikowaną matematyką. Kusi za to barwnymi opisami i pasjonującymi przykładami "kryptograficznych wojen". Można dzięki niej poznać historię rozwoju technik szyfrowania informacji, matematyczne podstawy kryptografii, stojącą za nią teorię oraz praktyczne zastosowania tej nauki. Niezależnie od tego, czy chcesz poznać kryptografię na własny użytek, czy jest Ci to potrzebne w celach zawodowych, książka ta okaże się doskonałym przewodnikiem po świecie szyfrów, kluczy i algorytmów zabezpieczających dane. Znajdziesz w niej informacje na temat protokołów SSL i SSH, a także szczegółowy opis algorytmu SHA3. Przegląd klasycznych sposobów szyfrowania Matematyczne podstawy kryptografii Praktyczne zastosowanie mechanizmów matematycznych Teoria kryptoanalizy i informacji oraz jej praktyczne wykorzystanie Przegląd protokołów kryptograficznych Klucze publiczne i prywatne Zasady zabezpieczania danych, połączeń i systemów komputerowych Potwierdzanie tożsamości za pomocą podpisów elektronicznych Zabezpieczanie stron internetowych i szyfrowanie baz danych Naucz się chronić cenne dane!
Rick Lehtinen, Deborah Russell, G T Gangemi
Zadbaj o bezpieczeństwo swojego komputera Poznaj zagrożenia, na jakie narażony jest komputer Naucz się kontrolować dostęp do komputera Stosuj techniki zapewniające bezpieczeństwo w sieci Czy mój komputer na pewno jest bezpieczny? Wiele osób zadaje sobie to pytanie dopiero w momencie, kiedy system zaczyna zachowywać się w podejrzany sposób. Okazuje się wówczas, że skaner wykrywa dziesiątki, a nawet setki wirusów, programy zaczynają działać nieprawidłowo, a z dysku giną ważne dane. Pół biedy, jeśli jest to tylko domowy komputer z prywatnymi plikami. Dużo gorsze skutki może mieć włamanie do firmowej bazy danych lub przechwycenie poufnej komunikacji. Książka "Podstawy ochrony komputerów" to wszechstronne wprowadzenie do najważniejszych zagadnień dotyczących bezpieczeństwa danych i sprzętu. Czytając ją, poznasz zagrożenia, jakie czyhają na użytkowników komputerów, ale także skuteczne techniki ochrony. Nauczysz się kontrolować dostęp do danych, prowadzić efektywną politykę zabezpieczeń, wykrywać i usuwać wirusy oraz zapobiegać przenikaniu ich do systemu. Dowiesz się, jak zapewnić bezpieczeństwo komputera w sieci oraz jak używać szyfrowania do przesyłania poufnych informacji. Przeczytasz też o najnowszych technikach zabezpieczenia bazującego na danych biometrycznych (wzorze siatkówki czy odciskach palców) oraz ochronie sieci bezprzewodowych. Niebezpieczeństwa grożące użytkownikom komputerów Kontrolowanie dostępu do komputera Walka z wirusami Prowadzenie skutecznej polityki zabezpieczeń Bezpieczne korzystanie z sieci Szyfrowanie poufnych danych Komunikacja bez ryzyka Zabezpieczenia biometryczne Tworzenie bezpiecznych sieci bezprzewodowych Stosuj skuteczne zabezpieczenia i zapewnij maksymalne bezpieczeństwo swojemu komputerowi!
Rick Lehtinen, Deborah Russell, G T Gangemi
Zadbaj o bezpieczeństwo swojego komputera Poznaj zagrożenia, na jakie narażony jest komputer Naucz się kontrolować dostęp do komputera Stosuj techniki zapewniające bezpieczeństwo w sieci Czy mój komputer na pewno jest bezpieczny? Wiele osób zadaje sobie to pytanie dopiero w momencie, kiedy system zaczyna zachowywać się w podejrzany sposób. Okazuje się wówczas, że skaner wykrywa dziesiątki, a nawet setki wirusów, programy zaczynają działać nieprawidłowo, a z dysku giną ważne dane. Pół biedy, jeśli jest to tylko domowy komputer z prywatnymi plikami. Dużo gorsze skutki może mieć włamanie do firmowej bazy danych lub przechwycenie poufnej komunikacji. Książka "Podstawy ochrony komputerów" to wszechstronne wprowadzenie do najważniejszych zagadnień dotyczących bezpieczeństwa danych i sprzętu. Czytając ją, poznasz zagrożenia, jakie czyhają na użytkowników komputerów, ale także skuteczne techniki ochrony. Nauczysz się kontrolować dostęp do danych, prowadzić efektywną politykę zabezpieczeń, wykrywać i usuwać wirusy oraz zapobiegać przenikaniu ich do systemu. Dowiesz się, jak zapewnić bezpieczeństwo komputera w sieci oraz jak używać szyfrowania do przesyłania poufnych informacji. Przeczytasz też o najnowszych technikach zabezpieczenia bazującego na danych biometrycznych (wzorze siatkówki czy odciskach palców) oraz ochronie sieci bezprzewodowych. Niebezpieczeństwa grożące użytkownikom komputerów Kontrolowanie dostępu do komputera Walka z wirusami Prowadzenie skutecznej polityki zabezpieczeń Bezpieczne korzystanie z sieci Szyfrowanie poufnych danych Komunikacja bez ryzyka Zabezpieczenia biometryczne Tworzenie bezpiecznych sieci bezprzewodowych Stosuj skuteczne zabezpieczenia i zapewnij maksymalne bezpieczeństwo swojemu komputerowi!
Rick Lehtinen, Deborah Russell, G T Gangemi
Zadbaj o bezpieczeństwo swojego komputera Poznaj zagrożenia, na jakie narażony jest komputer Naucz się kontrolować dostęp do komputera Stosuj techniki zapewniające bezpieczeństwo w sieci Czy mój komputer na pewno jest bezpieczny? Wiele osób zadaje sobie to pytanie dopiero w momencie, kiedy system zaczyna zachowywać się w podejrzany sposób. Okazuje się wówczas, że skaner wykrywa dziesiątki, a nawet setki wirusów, programy zaczynają działać nieprawidłowo, a z dysku giną ważne dane. Pół biedy, jeśli jest to tylko domowy komputer z prywatnymi plikami. Dużo gorsze skutki może mieć włamanie do firmowej bazy danych lub przechwycenie poufnej komunikacji. Książka "Podstawy ochrony komputerów" to wszechstronne wprowadzenie do najważniejszych zagadnień dotyczących bezpieczeństwa danych i sprzętu. Czytając ją, poznasz zagrożenia, jakie czyhają na użytkowników komputerów, ale także skuteczne techniki ochrony. Nauczysz się kontrolować dostęp do danych, prowadzić efektywną politykę zabezpieczeń, wykrywać i usuwać wirusy oraz zapobiegać przenikaniu ich do systemu. Dowiesz się, jak zapewnić bezpieczeństwo komputera w sieci oraz jak używać szyfrowania do przesyłania poufnych informacji. Przeczytasz też o najnowszych technikach zabezpieczenia bazującego na danych biometrycznych (wzorze siatkówki czy odciskach palców) oraz ochronie sieci bezprzewodowych. Niebezpieczeństwa grożące użytkownikom komputerów Kontrolowanie dostępu do komputera Walka z wirusami Prowadzenie skutecznej polityki zabezpieczeń Bezpieczne korzystanie z sieci Szyfrowanie poufnych danych Komunikacja bez ryzyka Zabezpieczenia biometryczne Tworzenie bezpiecznych sieci bezprzewodowych Stosuj skuteczne zabezpieczenia i zapewnij maksymalne bezpieczeństwo swojemu komputerowi!
PowerShell Automation and Scripting for Cybersecurity. Hacking and defense for red and blue teamers
Miriam C. Wiesner, Tanya Janca
Take your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them.With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security.After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices.By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.
PowerShell Automation and Scripting for Cybersecurity. Hacking and defense for red and blue teamers
Miriam C. Wiesner, Tanya Janca
Take your cybersecurity skills to the next level with this comprehensive PowerShell security guide! Whether you're on the red or blue team, you'll gain a deep understanding of PowerShell's security capabilities and how to apply them.With years of hands-on experience, the author brings real-world use cases to demonstrate PowerShell’s critical role in offensive and defensive security.After covering PowerShell basics and scripting fundamentals, you'll explore PowerShell Remoting and remote management technologies. You'll learn to configure and analyze Windows event logs, identifying crucial logs and IDs for effective monitoring. The book delves into PowerShell's interaction with system components, Active Directory, and Azure AD, including stealth execution methods. You’ll uncover authentication protocols, enumeration, credential theft, and exploitation, providing strategies to mitigate these risks. A dedicated red and blue team cookbook offers practical security tasks. Finally, you'll delve into mitigations such as Just Enough Administration, AMSI, application control, and code signing, emphasizing configuration, risks, exploitation, bypasses, and best practices.By the end of this book, you’ll confidently apply PowerShell for cybersecurity, from detection to defense, staying ahead of cyber threats.
Dr. Andrew Blyth, Campbell Murray
PowerShell for Penetration Testing is a comprehensive guide designed to equip you with the essential skills you need for conducting effective penetration tests using PowerShell.You'll start by laying a solid foundation by familiarizing yourself with the core concepts of penetration testing and PowerShell scripting. In this part, you'll get up to speed with the fundamental scripting principles and their applications across various platforms. You’ll then explore network enumeration, port scanning, exploitation of web services, databases, and more using PowerShell tools. Hands-on exercises throughout the book will solidify your understanding of concepts and techniques. Extending the scope to cloud computing environments, particularly MS Azure and AWS, this book will guide you through conducting penetration tests in cloud settings, covering governance, reconnaissance, and networking intricacies. In the final part, post-exploitation techniques, including command-and-control structures and privilege escalation using PowerShell, will be explored. This section encompasses post-exploitation activities on both Microsoft Windows and Linux systems.By the end of this book, you’ll have covered concise explanations, real-world examples, and exercises that will help you seamlessly perform penetration testing techniques using PowerShell.
Ganesh Prasad Kumble
AI and blockchain are two emerging technologies catalyzing the pace of enterprise innovation. With this book, you’ll understand both technologies and converge them to solve real-world challenges.This AI blockchain book is divided into three sections. The first section covers the fundamentals of blockchain, AI, and affiliated technologies, where you’ll learn to differentiate between the various implementations of blockchains and AI with the help of examples. The second section takes you through domain-specific applications of AI and blockchain. You’ll understand the basics of decentralized databases and file systems and connect the dots between AI and blockchain before exploring products and solutions that use them together. You’ll then discover applications of AI techniques in crypto trading. In the third section, you’ll be introduced to the DIApp design pattern and compare it with the DApp design pattern. The book also highlights unique aspects of SDLC (software development lifecycle) when building a DIApp, shows you how to implement a sample contact tracing application, and delves into the future of AI with blockchain.By the end of this book, you’ll have developed the skills you need to converge AI and blockchain technologies to build smart solutions using the DIApp design pattern.
Diana Kelley, Ed Moyle
Cybersecurity architecture is the discipline of systematically ensuring that an organization is resilient against cybersecurity threats. Cybersecurity architects work in tandem with stakeholders to create a vision for security in the organization and create designs that are implementable, goal-based, and aligned with the organization’s governance strategy.Within this book, you'll learn the fundamentals of cybersecurity architecture as a practical discipline. These fundamentals are evergreen approaches that, once mastered, can be applied and adapted to new and emerging technologies like artificial intelligence and machine learning. You’ll learn how to address and mitigate risks, design secure solutions in a purposeful and repeatable way, communicate with others about security designs, and bring designs to fruition. This new edition outlines strategies to help you work with execution teams to make your vision a reality, along with ways of keeping designs relevant over time. As you progress, you'll also learn about well-known frameworks for building robust designs and strategies that you can adopt to create your own designs.By the end of this book, you’ll have the foundational skills required to build infrastructure, cloud, AI, and application solutions for today and well into the future with robust security components for your organization.
Nino Vidović, Patrick Kirner-Fehrenbach
Are you truly unlocking the full potential of your embedded debugging tools? This hands-on guide cuts through the confusion of common workflows and shows you how to trace, profile, and debug ARM-based systems like a professional firmware engineer.Written by an industry expert, this book guides you through practical debugging scenarios using real hardware setups. You’ll explore both essential and advanced techniques, from setting breakpoints and analyzing memory to using hardware tracing, power profiling, and RTOS awareness. Through real-world crash analysis, you'll learn how to detect stack overflows, communication errors, memory leaks, and more.You will explore practical examples based on ARM Cortex-M target devices, which help you build structured and efficient debugging workflows. The learned skills can then be easily applied to other chip architectures as well. You’ll walk away with a clear understanding of the tools available, how to apply them in complex firmware projects, and the confidence to tackle even the most elusive bugs in production systems.Whether you’re refining your setup or debugging embedded systems at scale, this book will sharpen your skills and elevate your embedded development workflow.*Email sign-up and proof of purchase required
Nino Vidović, Patrick Kirner-Fehrenbach
Are you truly unlocking the full potential of your embedded debugging tools? This hands-on guide cuts through the confusion of common workflows and shows you how to trace, profile, and debug ARM-based systems like a professional firmware engineer.Written by an industry expert, this book guides you through practical debugging scenarios using real hardware setups. You’ll explore both essential and advanced techniques, from setting breakpoints and analyzing memory to using hardware tracing, power profiling, and RTOS awareness. Through real-world crash analysis, you'll learn how to detect stack overflows, communication errors, memory leaks, and more.You will explore practical examples based on ARM Cortex-M target devices, which help you build structured and efficient debugging workflows. The learned skills can then be easily applied to other chip architectures as well. You’ll walk away with a clear understanding of the tools available, how to apply them in complex firmware projects, and the confidence to tackle even the most elusive bugs in production systems.Whether you’re refining your setup or debugging embedded systems at scale, this book will sharpen your skills and elevate your embedded development workflow.*Email sign-up and proof of purchase required
Richard Boddington
Digital Forensics is a methodology which includes using various tools, techniques, and programming language. This book will get you started with digital forensics and then follow on to preparing investigation plan and preparing toolkit for investigation.In this book you will explore new and promising forensic processes and tools based on ‘disruptive technology’ that offer experienced and budding practitioners the means to regain control of their caseloads. During the course of the book, you will get to know about the technical side of digital forensics and various tools that are needed to perform digital forensics. This book will begin with giving a quick insight into the nature of digital evidence, where it is located and how it can be recovered and forensically examined to assist investigators. This book will take you through a series of chapters that look at the nature and circumstances of digital forensic examinations and explains the processes of evidence recovery and preservation from a range of digital devices, including mobile phones, and other media. This book has a range of case studies and simulations will allow you to apply the knowledge of the theory gained to real-life situations. By the end of this book you will have gained a sound insight into digital forensics and its key components.
Jean-Georges Valle
If you’re looking for hands-on introduction to pentesting that delivers, then Practical Hardware Pentesting is for you. This book will help you plan attacks, hack your embedded devices, and secure the hardware infrastructure.Throughout the book, you will see how a specific device works, explore the functional and security aspects, and learn how a system senses and communicates with the outside world. You’ll set up a lab from scratch and then gradually work towards an advanced hardware lab—but you’ll still be able to follow along with a basic setup. As you progress, you’ll get to grips with the global architecture of an embedded system and sniff on-board traffic, learn how to identify and formalize threats to the embedded system, and understand its relationship with its ecosystem. You’ll discover how to analyze your hardware and locate its possible system vulnerabilities before going on to explore firmware dumping, analysis, and exploitation. The reverse engineering chapter will get you thinking from an attacker point of view; you’ll understand how devices are attacked, how they are compromised, and how you can harden a device against the most common hardware attack vectors. By the end of this book, you will be well-versed with security best practices and understand how they can be implemented to secure your hardware.
Jean-Georges Valle
Practical Hardware Pentesting, Second Edition, is an example-driven guide that will help you plan attacks, hack your embedded devices, and secure the hardware infrastructure.Throughout the book, you’ll explore the functional and security aspects of a device and learn how a system senses and communicates with the outside world. You’ll set up a lab from scratch and gradually work towards an advanced hardware lab.The first part of this book will get you attacking the software of an embedded device. This will get you thinking from an attacker point of view; you’ll understand how devices are attacked, compromised, and how you can harden a device against the most common hardware attack vectors. As you progress, you’ll get to grips with the global architecture of an embedded system and sniff on-board traffic, learn how to identify and formalize threats to the embedded system, and understand its relationship with its ecosystem. This 2nd Edition covers real-world examples featuring various devices like smart TVs, baby monitors, or pacemakers, you’ll discover how to analyze hardware and locate its possible vulnerabilities before going on to explore firmware dumping, analysis, and exploitation.By the end of this book, you’ll and understand how to implement best practices to secure your hardware.
Sravani Bhattacharjee
Securing connected industries and autonomous systems is of primary concern to the Industrial Internet of Things (IIoT) community. Unlike cybersecurity, cyber-physical security directly ties to system reliability as well as human and environmental safety.This hands-on guide begins by establishing the foundational concepts of IIoT security with the help of real-world case studies, threat models, and reference architectures. You’ll work with practical tools to design risk-based security controls for industrial use cases and gain practical knowledge of multi-layered defense techniques, including identity and access management (IAM), endpoint security, and communication infrastructure. You’ll also understand how to secure IIoT lifecycle processes, standardization, and governance. In the concluding chapters, you’ll explore the design and implementation of resilient connected systems with emerging technologies such as blockchain, artificial intelligence, and machine learning.By the end of this book, you’ll be equipped with the all the knowledge required to design industry-standard IoT systems confidently.
Brian Russell, Drew Van Duren
With the advent of Internet of Things (IoT), businesses will be faced with defending against new types of threats. The business ecosystem now includes cloud computing infrastructure, mobile and fixed endpoints that open up new attack surfaces, a desire to share information with many stakeholders and a need to take action quickly based on large quantities of collected data. . It therefore becomes critical to ensure that cyber security threats are contained to a minimum when implementing new IoT services and solutions. . The interconnectivity of people, devices, and companies raises stakes to a new level as computing and action become even more mobile, everything becomes connected to the cloud, and infrastructure is strained to securely manage the billions of devices that will connect us all to the IoT. This book shows you how to implement cyber-security solutions, IoT design best practices and risk mitigation methodologies to address device and infrastructure threats to IoT solutions.This book will take readers on a journey that begins with understanding the IoT and how it can be applied in various industries, goes on to describe the security challenges associated with the IoT, and then provides a set of guidelines to architect and deploy a secure IoT in your Enterprise. The book will showcase how the IoT is implemented in early-adopting industries and describe how lessons can be learned and shared across diverse industries to support a secure IoT.
Tajinder Kalsi
With the growing popularity of Linux, more and more administrators have started moving to the system to create networks or servers for any task. This also makes Linux the first choice for any attacker now. Due to the lack of information about security-related attacks, administrators now face issues in dealing with these attackers as quickly as possible. Learning about the different types of Linux security will help create a more secure Linux system.Whether you are new to Linux administration or experienced, this book will provide you with the skills to make systems more secure.With lots of step-by-step recipes, the book starts by introducing you to various threats to Linux systems. You then get to walk through customizing the Linux kernel and securing local files. Next you will move on to manage user authentication locally and remotely and also mitigate network attacks. Finally, you will learn to patch bash vulnerability and monitor system logs for security.With several screenshots in each example, the book will supply a great learning experience and help you create more secure Linux systems.
Practical Memory Forensics. Jumpstart effective forensic analysis of volatile memory
Svetlana Ostrovskaya, Oleg Skulkin
Memory Forensics is a powerful analysis technique that can be used in different areas, from incident response to malware analysis. With memory forensics, you can not only gain key insights into the user's context but also look for unique traces of malware, in some cases, to piece together the puzzle of a sophisticated targeted attack.Starting with an introduction to memory forensics, this book will gradually take you through more modern concepts of hunting and investigating advanced malware using free tools and memory analysis frameworks. This book takes a practical approach and uses memory images from real incidents to help you gain a better understanding of the subject and develop the skills required to investigate and respond to malware-related incidents and complex targeted attacks. You'll cover Windows, Linux, and macOS internals and explore techniques and tools to detect, investigate, and hunt threats using memory forensics. Equipped with this knowledge, you'll be able to create and analyze memory dumps on your own, examine user activity, detect traces of fileless and memory-based malware, and reconstruct the actions taken by threat actors.By the end of this book, you'll be well-versed in memory forensics and have gained hands-on experience of using various tools associated with it.
Davide Bedin
This second edition will help you get to grips with microservice architectures and how to manage application complexities with Dapr in no time. You'll understand how Dapr simplifies development while allowing you to work with multiple languages and platforms. Following a C# sample, you'll understand how Dapr's runtime, building blocks, and software development kits (SDKs) help you to simplify the creation of resilient and portable microservices.Dapr provides an event-driven runtime that supports the essential features you need for building microservices, including service invocation, state management, and publish/subscribe messaging. You'll explore all of those in addition to various other advanced features with this practical guide to learning Dapr. With a focus on deploying the Dapr sample application to an Azure Kubernetes Service cluster and to the Azure Container Apps serverless platform, you’ll see how to expose the Dapr application with NGINX, YARP, and Azure API Management.By the end of this book, you'll be able to write microservices easily by implementing industry best practices to solve problems related to distributed systems.
Heather Mahalik, Rohit Tamma, Satish Bommisetty
Mobile phone forensics is the science of retrieving data from a mobile phone under forensically sound conditions. This book is an update to Practical Mobile Forensics and it delves into the concepts of mobile forensics and its importance in today's world. We will deep dive into mobile forensics techniques in iOS 8 - 9.2, Android 4.4 - 6, and Windows Phone devices. We will demonstrate the latest open source and commercial mobile forensics tools, enabling you to analyze and retrieve data effectively. You will learn how to introspect and retrieve data from cloud, and document and prepare reports for your investigations.By the end of this book, you will have mastered the current operating systems and techniques so you can recover data from mobile devices by leveraging open source solutions.